Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File:                     lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier:          rKSf/hSUCnwtYWyTqCivV22qjnY5W0I8sPX9wQE41Q4=
Subject key identifier:   FE:96:23:3B:8F:48:7B:D1:5B:AB:E1:22:04:62:CD:11:21:8E:27:A4
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer:       /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial:       0195124745E18A98FBABAB4449B3F790F93D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number:          0178
Signing time:             Mon 17 Feb 2025 05:00:15 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:15 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:15 +0000
Files and hashes:         1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: t/DFPlHBDf4wI2RtrrfV/QOcTvZwRv2c+58eNoGMHeQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:45:e1:8a:98:fb:ab:ab:44:49:b3:f7:90:f9:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
        Validity
            Not Before: Feb 17 05:00:15 2025 GMT
            Not After : Feb 18 05:00:15 2025 GMT
        Subject: CN=fe96233b8f487bd15babe1220462cd11218e27a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5b:3d:d5:a9:03:4a:58:7f:80:1c:ae:c3:85:
                    22:d6:80:4c:6a:33:25:6a:2e:09:cb:a5:ac:0b:e6:
                    56:51:32:3a:06:51:4b:aa:52:12:bc:82:e3:82:66:
                    d5:86:a5:e8:b2:64:00:9c:51:bd:65:fe:b9:7e:4d:
                    d4:8a:c2:97:3b:c8:0d:ce:b4:fb:c2:f7:c4:1f:6d:
                    51:bc:49:3c:7e:1d:f6:67:75:21:57:e0:58:76:f0:
                    db:e7:be:ac:ad:4c:32:2e:03:f8:3b:45:c8:8d:75:
                    49:56:29:15:3e:1f:5f:89:e4:bc:ff:04:7e:40:2e:
                    38:4d:8e:8a:c9:21:ce:58:e9:14:82:a7:69:b6:cd:
                    e3:0d:ae:7e:78:fb:5e:6b:79:2e:aa:86:d6:3c:45:
                    e8:c8:2f:9f:56:60:0e:89:8e:05:e6:7e:14:4a:41:
                    6f:67:f8:d6:86:b6:f2:d2:73:21:5c:84:32:a3:83:
                    20:c8:5d:83:41:fc:99:39:de:ff:ae:02:21:95:a3:
                    75:8b:86:16:36:f6:6c:57:35:42:8d:c5:2e:19:18:
                    fd:d1:19:9f:19:53:9d:f9:16:2a:c4:00:9d:fc:2c:
                    cf:e2:53:47:fa:16:6b:fb:f6:be:1a:88:08:90:cb:
                    83:9e:d2:8b:92:42:24:e8:4e:97:9c:f4:91:49:a8:
                    f7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:96:23:3B:8F:48:7B:D1:5B:AB:E1:22:04:62:CD:11:21:8E:27:A4
            X509v3 Authority Key Identifier:
                keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:0f:a8:6d:33:2b:41:ea:d6:dc:82:bb:03:7c:16:50:e0:2c:
         34:e8:65:ea:a2:c5:53:0c:21:c2:aa:88:b2:3e:e9:e4:00:00:
         36:a9:02:9e:2b:3a:3e:4c:de:72:e9:f2:01:5c:d8:58:2d:da:
         0e:91:e0:42:11:6c:44:70:32:98:d6:1f:ce:f0:ae:5d:36:72:
         29:fc:3f:c8:9a:28:c8:de:ab:7a:ef:f1:03:b5:6d:bf:bd:75:
         26:ee:a4:70:da:46:bb:a3:83:b6:a3:18:6c:76:4d:62:bd:28:
         01:95:21:42:92:01:1c:a4:da:07:b3:74:a3:11:10:9f:33:75:
         93:f1:98:1f:e5:8d:f3:4b:49:ba:87:e7:8c:65:c7:fa:2d:47:
         95:fe:3c:5b:32:d0:50:66:01:b0:26:43:01:83:0d:c2:6d:86:
         80:db:4e:de:29:4c:a3:7f:d7:1c:dd:b2:25:8f:aa:8e:d5:1e:
         b7:77:6a:fc:49:4c:89:a9:91:0f:51:5e:6a:d5:f3:c1:5e:9c:
         a5:ff:d6:11:a7:b6:c2:b7:75:eb:00:58:3b:9c:26:7f:fd:87:
         1b:82:06:d1:cc:73:a5:21:83:95:5b:c7:33:3d:8a:cc:ba:03:
         77:29:52:d7:16:61:3c:33:7b:f7:4b:52:97:13:3c:33:35:94:
         40:4d:22:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR0Xhipj7q6tESbP3kPk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUwMjE3MDUwMDE1WhcNMjUwMjE4MDUwMDE1WjAzMTEwLwYDVQQD
EyhmZTk2MjMzYjhmNDg3YmQxNWJhYmUxMjIwNDYyY2QxMTIxOGUyN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1s91akDSlh/gByuw4Ui1oBMajMl
ai4Jy6WsC+ZWUTI6BlFLqlISvILjgmbVhqXosmQAnFG9Zf65fk3UisKXO8gNzrT7
wvfEH21RvEk8fh32Z3UhV+BYdvDb576srUwyLgP4O0XIjXVJVikVPh9fieS8/wR+
QC44TY6KySHOWOkUgqdpts3jDa5+ePtea3kuqobWPEXoyC+fVmAOiY4F5n4USkFv
Z/jWhrby0nMhXIQyo4MgyF2DQfyZOd7/rgIhlaN1i4YWNvZsVzVCjcUuGRj90Rmf
GVOd+RYqxACd/CzP4lNH+hZr+/a+GogIkMuDntKLkkIk6E6XnPSRSaj3CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6WIzuPSHvRW6vhIgRizREhjiekMB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArg+obTMr
QerW3IK7A3wWUOAsNOhl6qLFUwwhwqqIsj7p5AAANqkCnis6PkzecunyAVzYWC3a
DpHgQhFsRHAymNYfzvCuXTZyKfw/yJooyN6reu/xA7Vtv711Ju6kcNpGu6ODtqMY
bHZNYr0oAZUhQpIBHKTaB7N0oxEQnzN1k/GYH+WN80tJuofnjGXH+i1Hlf48WzLQ
UGYBsCZDAYMNwm2GgNtO3ilMo3/XHN2yJY+qjtUet3dq/ElMiamRD1FeatXzwV6c
pf/WEae2wrd16wBYO5wmf/2HG4IG0cxzpSGDlVvHMz2KzLoDdylS1xZhPDN790tS
lxM8MzWUQE0i4w==
-----END CERTIFICATE-----